f18fb4e5cb4238c1b742caf9316ee861a41d5500ef07ef2303ad83c6fe7dda42

Sharing

Copy URL Twitter E-mail

General

Target

f18fb4e5cb4238c1b742caf9316ee861a41d5500ef07ef2303ad83c6fe7dda42
Size

219KB
MD5

7f33ae205449b4af20fe2bfd64b937a0
SHA1

add3747e789be031c077a4023e652af8ab3170d9
SHA256

f18fb4e5cb4238c1b742caf9316ee861a41d5500ef07ef2303ad83c6fe7dda42
SHA512

97527ef76daee0c06ce52f56fafbab8527321ee7e72f2e5ac629a3d9dd159abc8a7cf9cc2a98c4d096e712686ca6f51bc921cf750c8bfd400baba2d3d0c1ace9
SSDEEP

3072:gRwv/8WFo7X8m/R/F/dWLEp9yNFWXIkHpR3UzlMpSfb5omP70YDqPVZ+X3Ijt6:9Fo7MKzWYW+VozlM40+Ijt

Score

N/A

Malware Config

Signatures

Files

f18fb4e5cb4238c1b742caf9316ee861a41d5500ef07ef2303ad83c6fe7dda42
.dll windows x86

b33d1a21b369775b851a1dbfdbe4cce1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegLoadKeyA
RegDeleteKeyA

shlwapi

SHQueryInfoKeyA
SHDeleteKeyA
SHDeleteValueA
PathGetCharTypeA
SHStrDupA
SHEnumValueA
SHGetValueA
SHQueryValueExA
SHSetValueA
PathIsContentTypeA

kernel32

VirtualAllocEx
SetEndOfFile
GetCommandLineA
HeapAlloc
DeleteCriticalSection
GetModuleFileNameA
ExitProcess
GlobalAlloc
GetProcessHeap
GetUserDefaultLCID
SetErrorMode
GetVersionExA
HeapFree
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetSystemDefaultLangID
GetOEMCP
GetFileSize

oleaut32

SysFreeString
SafeArrayPtrOfIndex
SysStringLen
SafeArrayGetUBound
RegisterTypeLib

user32

GetClientRect
CharToOemA
UnhookWindowsHookEx
GetWindowLongA
FrameRect
GetSysColor
MessageBeep
GetScrollRange
GetDlgItem
SetScrollPos
GetCursor
GetKeyboardState
RemoveMenu
IsRectEmpty
GetClipboardData
TrackPopupMenu
DispatchMessageW
GetFocus
SetWindowTextA
OemToCharA
GetMenuItemID
SetActiveWindow
CharNextW
RegisterClipboardFormatA
ReleaseCapture
DrawAnimatedRects
IsWindowVisible

version

VerInstallFileA
GetFileVersionInfoSizeA

shell32

SHGetSpecialFolderLocation
SHGetFolderPathA

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
GetRgnBox
GetDIBColorTable
SaveDC
RestoreDC
GetClipBox
SetBkColor
GetObjectA
CreatePenIndirect

comctl32

ImageList_DragShowNolock
ImageList_Destroy

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 178KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 995B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b33d1a21b369775b851a1dbfdbe4cce1

Headers

File Characteristics

Imports

advapi32

shlwapi

kernel32

oleaut32

user32

version

shell32

gdi32

comctl32

Sections

.text Size: 33KB - Virtual size: 33KB

.edata Size: 178KB - Virtual size: 317KB

BSS Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 616B

.rdata Size: 1024B - Virtual size: 995B

.reloc Size: 1024B - Virtual size: 650B

.text
Size: 33KB - Virtual size: 33KB

.edata
Size: 178KB - Virtual size: 317KB

BSS
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 616B

.rdata
Size: 1024B - Virtual size: 995B

.reloc
Size: 1024B - Virtual size: 650B